a40c7cabf874517f5d3d069e0377fa9348e10344000e39717c1a6571939ba7c0

Analysis

max time kernel
2886025s
max time network
134s
platform
android_x86
resource
android-x86-arm-20220823-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
submitted
25-11-2022 00:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a40c7cabf874517f5d3d069e0377fa9348e10344000e39717c1a6571939ba7c0.apk
Size

29.1MB
MD5

54a85378f28085923115ee44f540ff8a
SHA1

2e40f7fd49fa8538879f90a85300247fbf2f8f67
SHA256

a40c7cabf874517f5d3d069e0377fa9348e10344000e39717c1a6571939ba7c0
SHA512

853d315b460f899c3b4e7e2d6e071763dea1f4c58f8ea1547d8a234eda12e7ee8a1b2c4c5f51f7f4074061f3c50dc5e1892e33520d0b7eec3a82e3f1c4c74917
SSDEEP

393216:bjd8b3Stod1v3uFwCPwmSPk3biaOhECW1Fypl+W9ESATkXQY0/rBxqHoyvc2IG6a:ZbKhE3cYQAYA/q3Qq2w2AA+1Aphm

Score

6^/10

ransomware

Malware Config

Signatures

Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.secure.vpn

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.secure.vpn

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.secure.vpn

com.secure.vpn
1⤵
- Uses Crypto APIs (Might try to encrypt user data).
PID:4073

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.secure.vpn/cache/rndseq
Filesize
48B

MD5
7b49f23c68523958b3a7a3495e55af8e

SHA1
d58d0dd69e76cc59fc1b45a187e4839361cff2d6

SHA256
92c36199c0d23ee97ea47ccd2ba837b22daf9e855ebe0a17abcd15928b8c1d73

SHA512
ee0e8be82e4b4ed868b9e8062d0f6e51444b5c7d673e3d29b77e38790ef0c6400a017fbb1251e473f27a805288fef07f723126a106c95a1548a679d072c7b753

Download Submit
/data/user/0/com.secure.vpn/databases/MonDB
Filesize
144KB

MD5
7896693ee9e02846070672c3c2bca830

SHA1
2301d38f72bff092e53ccfebd69b484b0f053df4

SHA256
f35d72ce83885b2f43a9bc97ce1d1594ffc66c9a8ca48a2076548b069109f852

SHA512
f92665101d542e1bcd2fa006dcc965adad1fb8a25e29773323a7c6bd27ab74edc3b1631ae9a9616f686ae59eec3b152443dbf636c6babfde3aa27ef00813a3aa

Download Submit
/data/user/0/com.secure.vpn/databases/MonDB-journal
Filesize
524B

MD5
57e3396bfba55d5acf110ee5ad2ddf3b

SHA1
97f89c197258de4bcdb14334bf3ecb2cf6feae43

SHA256
1f757c60eadb6f8b22215c76b168d8191b677b9930984648050fd505e6b4b569

SHA512
aec462940da9d2faeb23808ccf519bdf078c4391f34abd040d39c3fed803a58c0a823b9243a2e30b6f93694bed4892b137b93a5422da1ab50985216b524ffb3d

Download Submit
/data/user/0/com.secure.vpn/databases/MonDB-shm
Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.secure.vpn/databases/MonDB-wal
Filesize
422KB

MD5
1f1077a0c8b32f804b0719f042138eb9

SHA1
cb5100b7d5e8bfed22d40c0da538fbb3c9afc365

SHA256
72da64c9a9bb0ef724a894a8e1e5bda1056b91370a2b5b3a1f36442d9000a4c0

SHA512
dd0cb3a0eb8aff14eb5237157c16a493f102b01e009bf57385f23ab81186a15a9fc3bbaba775eab6c164a5914fb5637180661af03ef2831a2aafb8d11dfd4446

Download Submit
/data/user/0/com.secure.vpn/databases/anchorfree-ucr.db
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/user/0/com.secure.vpn/databases/anchorfree-ucr.db-journal
Filesize
524B

MD5
3cfa9108c7ea32b3f34af7c803d7e05e

SHA1
41e70c826ce5c758447b6af1cfb6dfbec5df9417

SHA256
9bbd503c6fc920bda6b04e90898b50240fdb1237fa5734b407cb00a5742f5595

SHA512
3131e76e03e3234c1afc9548043d53f14d0cd678cc96e60db03f2b87595ddfded04c34ec7bc9e3088f04173da685c46e812c5ee891dbf6146a5ca62d7a8b81c4

Download Submit
/data/user/0/com.secure.vpn/databases/anchorfree-ucr.db-shm
Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.secure.vpn/databases/anchorfree-ucr.db-wal
Filesize
32KB

MD5
875ff0963b25fe727c9ebe7d5c31f6ca

SHA1
8e6a8918a4373328ba457496256168aa478a76a4

SHA256
ce5bb971ef717e88e1669278ab53646b2e71040e2fa80fef9a143e23712398ea

SHA512
f419959ae96d7072754c24bd689d03803d5d2d99b7c78c7b74aa16cd08e7cf7355676bdc5a91b6098744cd151a96e29a7c4be2556be7f56fc75ea1cd1874598f

Download Submit
/data/user/0/com.secure.vpn/databases/key_value_store.db
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/user/0/com.secure.vpn/databases/key_value_store.db-journal
Filesize
524B

MD5
1919db46e231a82d0ffe03dd4fe39c7b

SHA1
da37e94b294d544dd8b2698f60dbd6c0aaac28c1

SHA256
0158f7b643a8550a4c05ef545c21b77578bc167e9a5f5d2026629bc8cc940d8e

SHA512
8676ca90fbcb73d2f9621e7d8530b0e70f311d74340317a98448240829534149c0425f1a2d0449f5aeb9b931ba94274d0e0b78a7533ba69e1a216f17101c95ea

Download Submit
/data/user/0/com.secure.vpn/databases/key_value_store.db-shm
Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.secure.vpn/databases/key_value_store.db-wal
Filesize
209KB

MD5
63c30c1bbba2f7c1c96797861e823550

SHA1
4675a31b1e28aedffaf6c18b6c655a43adf8e592

SHA256
ca859ca4507602599f1d8e1262da8a6d5bc9a7ae4339655b267a3e09ea7df5a3

SHA512
5a073bce3139e08464f4f7355ef600516ffc1c38239f6fb036bb3df542681146f4c78b35c6a09723f9c86549286a6a79eb0a561da1739389335a5a77755bb6a1

Download Submit
/data/user/0/com.secure.vpn/no_backup/androidx.work.workdb
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/user/0/com.secure.vpn/no_backup/androidx.work.workdb-journal
Filesize
524B

MD5
89093d4b2a9c149fb696c8c82ad6bb86

SHA1
31ac06666fc3f5ebebc203bbedfb3500cfd0530e

SHA256
560ed65bca1cb1558b1c7ae97c75cbf5a95506c38fbe782cb2698d92c7fba979

SHA512
45fe9b480e78336692483041da77a3f618f5ef71d1ee8317cf3dfe7414722ef5d01ab0c012362bc435b5a08efd96288e7690427e64979af142d9a7ef02c1502e

Download Submit
/data/user/0/com.secure.vpn/no_backup/androidx.work.workdb-shm
Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.secure.vpn/no_backup/androidx.work.workdb-wal
Filesize
189KB

MD5
5d044436dc12143675166755ef3efbcb

SHA1
1782403d9a7639296c626c0e0d820f3810e82a46

SHA256
6e55ab63923de2d705e1fba07ef367e07207f53e30d63bb968812b6f95b4fe72

SHA512
a063e63b0b5989521ff6e345cf78725e97baa217d69bd11a481cab331193a8805a846eb84acc523566da5c854efc0980ab7bc37beee57ea00138306710de7ad6

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads